Need help: fwd on ipfw

K Anderson freebsduser at comcast.net
Mon Oct 3 22:38:48 PDT 2005 

----- Original Message ----- 
From: "Foo Ji-Haw" <jhfoo at nexlabs.com>
To: "K Anderson" <freebsduser at comcast.net>; <freebsd-questions at freebsd.org>
Sent: Monday, October 03, 2005 10:16 PM
Subject: Re: Need help: fwd on ipfw


> Hello Mr Anderson,
>
> So, the story is that the newer versions of 5.x comes with forwarding
> disabled, hence the inability to to ipfw add fwd?
>
> Ok, will definately give it a try. Thanks for being a better Googler than
> me!
I don't recall if the default kernel has it compiled in, most likely not. 
You can check the generic kernel configuration file.


> ----- Original Message ----- 
> From: "K Anderson" <freebsduser at comcast.net>
> To: "Foo Ji-Haw" <jhfoo at nexlabs.com>; <freebsd-questions at freebsd.org>
> Sent: Tuesday, October 04, 2005 12:59 PM
> Subject: Re: Need help: fwd on ipfw
>
>
>>
>> ----- Original Message ----- 
>> From: "Foo Ji-Haw" <jhfoo at nexlabs.com>
>> To: <freebsd-questions at freebsd.org>
>> Sent: Monday, October 03, 2005 9:20 PM
>> Subject: Need help: fwd on ipfw
>>
>>
>> Hi all, I really need your help on this if you can...
>>
>> I am trying to put set up port forwarding on my machine. So far the usual
>> 'add allow' and 'add deny' rules work perfectly. The most important rule
>> which bugs me is the 'add fwd' rule, which the snippet below shows:
>> ipfw add fwd 192.168.0.4,80 tcp from 10.10.10.0 to any 80
>>
>> When I try to enter this on the command line, I get the following error:
>>  ipfw: getsockopt(IP_FW_ADD): Invalid Argument
>>
>> I tried researching the web. Some mention the error only upon recompiling
>> kernels. But I am using the standard 5.4 product release as-is. My
> firewall
>> rules in rc.conf are as follows:
>> firewall_enable="YES"
>> firewall_logging="YES"
>>
>> I also have this line in dmesg:
>>  ipfw2 initialized, divert disabled, rule-based forwarding disabled,
> default
>> to deny, logging disabled
>>
>> I see that 'rule-based forwarding' is disabled. Is this what caused the
>> error? How can I enable it? I can't find the details on the Handbook.
>> -----------------
>>
>> I did a google search on your message and found something. Here's a snip
> of
>> it.
>>
>> options IPFIREWALL
>>  options IPFIREWALL_DEFAULT_TO_ACCEPT
>>  options IPFIREWALL_VERBOSE
>>  options IPFIREWALL_FORWARD
>>
>>  if you don't add them to your kernel, forwarding in ipfw will  be
> disabled.
>>
>> Here's the URL.
>> http://archives.neohapsis.com/archives/freebsd/2005-01/0089.html
>>
>> Hope that helps.
>>
>> ~Mr. Anderson
>>
>>
>> _______________________________________________
>> freebsd-questions at freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
>> To unsubscribe, send any mail to
> "freebsd-questions-unsubscribe at freebsd.org"
>

More information about the freebsd-questions mailing list